<?php
  $msg = '';
  $del = $_SESSION['logged'] && $_SESSION['rights'] & $r_webmaster;
  if ($_POST['submitted']) {
      include('data/lib_f_validate.inc.php');
      extract($_POST);
      if (!$URL = validateURL($URL)) $err .= 'Invalid URL.<br>';
      if (!$Description = validateText($Description)) $err .= 'Invalid Description.<br>';
      
      if (!$err) {
         $LID = mq("INSERT INTO links (MID,URL,Description) VALUES (".$_SESSION['MID'].",'$URL','$Description')");
         logevent("Link added. LID=".$LID);
         $msg = 'Link successfully added.<br>';
      } else $msg = $err;
  } else if ($del && $_GET['delete'] && $d = mqs("SELECT LID,URL FROM links WHERE LID=".$_GET['delete'])) {
    logevent("Link ".$d['LID']." deleted: ".$d['URL']);
    mq("DELETE FROM links WHERE LID=".($d['LID']));
  }
  
  /**
  * Display link list
  */
  $content = $msg;
  $txtlen = 40;
  
  if ($del) $txtlen -= 5;
  
  if ($res = mq("SELECT LID,Description,URL,Hits,Name FROM links l
                 INNER JOIN members m on m.MID=l.MID")) {
         $content .= '<table cellpadding="3">';
         while($data = mysql_fetch_array($res)) {
            $content .= '<tr>
                           '.($del ? '<td rowspan="2"><a href="'.$_SERVER['PHP_SELF'].'?delete='.$data['LID'].'" onclick="return confirm(\'Delete Link?\nThis cannot be undone!\')">
                                            <img src="'.BILDERDIR.'del.gif" alt="del">
                                           </a></td>':'').'
                           <td colspan="2" nowrap><b>'.limitText($data['Description'],$txtlen).'</b></td>
                           <td style="text-align:right; width:100px">'.$data['Name'].'</td>
                         </tr><tr>  
                           <td style="width:55px" nowrap>'.$data['Hits'].' Hits</td>
                           <td colspan="2"><a href="extlink.php?LID='.$data['LID'].'" title="'.$data['Description'].'" target="_blank">'.limitText($data['URL'],$txtlen+10).'</a></td>
                         </tr>
                         <tr style="height:10px"><td></td><td></td><td></td></tr>';
         }
         $content .= '</table>';               
  } else $content .= 'No links yet.<br>';
  
  /**
  * Enter a new link.
  * Every club member can do this.
  */
  if ($_SESSION['logged']) {
    $content .= '
             <br>
             Here you can enter your own link:
             <form action="'.$_SERVER['PHP_SELF'].'" method="POST">
              <table cellspacing="0" cellpadding="3">
              <tr>
               <td>Description:</td>
               <td><input type="text" class="text" name="Description" maxlength="40"></td>
              </tr>
              <tr>
               <td>URL:</td>
               <td><input type="text" class="text" name="URL" value="http://www."></td>
              </tr>
              <tr>
               <td>done?</td>
               <td><input type="submit" class="button" value="submit"></td>
              </tr>
              </table>
              <input type="hidden" name="submitted" value="1">
            </form>';
  }
?>